This year, the survey is further enhanced by regional breakdowns of the enterprise respondent. Attack types, targets, techniques, motivations, impacts, and costs are all broken out for US and Canada, Brazil, UK, Germany, France, and Japan. These regional insights from survey respondents are further enhanced, and often validated, by global attack data from NETSCOUT’s ATLAS® infrastructure, which delivers visibility into one-third of all internet traffic.

Key Findings

There are new trends emerging that we expect will be with us for several to come. The reason is quite simple and comes down to something very basic: human nature. As we place growing importance on the delivery of cloud-based services, it should come as no surprise that attackers are increasingly targeting these services with attacks. If it’s important to you (network operators), it’s important to them (attackers).

Terabit Attacks

For the first time ever, a DDoS attack topped 1 TBPS in size. A few days later, a 1,7 TBPS attack was recorded. We've officially entered the terabit attack era.

1 TBps

1,7 TBps

Transformação digital

Important elements of digital transformation strategies are now under attack. In 2018, there was a threefold increase in the number of attacks.

Attacks against SaaS services

13%

41%

Attacks against third-party data centers + cloud services

11%

34%

Malicious Insiders

26%

Indicated their organization experienced an attack by a malicious insider in 2018.

Japão

14%

lowest in our survey

França

37%

highest in our survey

Firewalls

43%

reported that their firewall and/or IPS contributed to outage during a DDoS attack

Cost of Downtime

The cost of downtime associated with internet service outages caused by DDoS attacks in 2018.

$221.836,80

cost per attack

Attack Size

Max Attack Size

273%

While the total number of DDoS attacks declined 4% globally, we saw a dramatic and persistent increase in DDoS attack size and complexity.

For enterprises that experienced a DDoS attack:

91%

91%

said that one or more completely saturated their internet bandwidth

36%

36%

experienced a multi-vector DDoS attack

Provedor de serviço

For 14 years one thing has been clear: service providers have had to bear the brunt of DDoS attacks and have taken the lead in DDoS defense. When the Worldwide Infrastructure Report (WISR) was launched 14 years ago, 10 Gbps attacks made headlines and took networks down. Today, attacks forty times that size are routinely mitigated with little to no disruption to online services.

Cyber Reflections

DDoS has long been a tool for online protests, thanks to the combination of increasingly sophisticated for-hire DDoS attack services and free attack tools that enable anyone with basic online skills to launch an attack.

As political instability increases around the world, expect DDoS to continue to be used as a form of protest.

Importance

If it’s important to you, it’s important to them. As service providers place growing importance on the delivery of cloud-based services to enterprises and consumers, it should come as no surprise that attackers are increasingly targeting these services with DDoS attacks.

47%in 2018

33%in 2017

25%in 2016

Desafios operacionais

3Years

For the past three years, we have seen service providers increasingly turn to third-party (outsourced) and third-party augmented (hybrid) SOC capabilities.

This highlights once again the global challenges organizations face to build an maintain an internal security team of skilled practitioners, and their reliance on outsourcing to address the issue.

Empresa

Enterprises reported a host of challenges this year, from ransomware to extortion to DDoS attacks as well as ongoing staffing and operational challenges. Evident in this year’s findings is the ongoing game of whack-a-mole between defenders and attackers.

State Exhaustion Attacks

As enterprise organizations invested in cloud-based DDoS mitigation service in recent years, attackers shifted their attention to stateful infrastructure.

31%in 2018

16%in 2017

Targeting New Services

The increasing use of encrypted traffic was reflected in the growing rate of attacks targeting it.

94%

experienced encrypted traffic attacks in 2018, nearly twice the percentage as the previous year

Simplify Operations, Please

We found a near-universal desire to simplify operational security processes, with the top priority being component and workflow integration.

92%

in favor of simplifying

Country Specific Data

This year, we dug into our enterprise survey data for highlights from six countries. Attack types, targets, techniques, motivations, impacts, and costs are all broken out for US and Canada, Brazil, UK, Germany, France, and Japan.

Brasil

UK

França

Japão

US

Canadá

Alemanha

DDoS Attack Targets

Infraestrutura

Global

49%

average

Brasil

57%

highest in our survey

Customer-Facing Service/Applications

Global

38%

average

Brasil

46%

highest in our survey

Saas Services

Global

41%

average

França

53%

highest in our survey

Hiring Skilled People

51%

cited hiring and retaining skilled employees as a major challenge.

Cost of Downtime

Alemanha

$351.995

highest in our survey

Japão

$123.026

lowest in our survey

Global Data

NETSCOUT Arbor’s Active Threat Level Analysis System (ATLAS®) delivers a truly comprehensive view into internet traffic, trends and threats. With visibility into one-third of all internet traffic, we are ideally positioned to deliver actionable intelligence about botnets, DDoS attacks and malware that threaten internet infrastructure and network availability.

Attack Size

Max Attack Size

273%

While the total number of DDoS attacks declined 4% globally, we saw a dramatic and persistent increase in DDoS attack size and complexity.

Global DDoS Frequency

The number of DDoS attacks was down 4%

6,13

Million Attacks

Despite that sliver of good news, that equals:

16.794attacks per day

700attacks per hour

12attacks per minute

Most Targeted Region

2017EMEA

with 2.3 million attacks

2018Asia Pacific

also with 2.3 million attacks

Latin America Rising

Attack Size

The dramatic increase in DDoS attack size was consistent throughout the year.

270,6 GBPS

Largest attack in 2017

600 GBPS

Largest attack in 2018

Attack Frequency

Looking at the largest DDoS attacks each month and taking their average size, they were 45% larger in 2018 than in 2017.

2017

2018

Latin America, along with Asia Pacific, was the only other region to see a rise in DDoS attack frequency.

14%

Rise in DDoS attack frequency

41.938

DDoS attacks per month

Conclusão

NETSCOUT’s Worldwide Infrastructure Security Report delivers direct insights into what your peers are doing to address today’s most pressing security and operational challenges. We hope that you find the information useful in protecting your business in the coming year.